goofwear

## 0-SD-GUIDE.md

      
              2 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                goofwear
                / 0-SD-GUIDE.md
            
            
              Created
              January 26, 2019 21:50
                — forked from khang06/0-SD-GUIDE.md
            
              
                Switch SD Dumping 101
              
          
    https://gbatemp.net/threads/nintendo-switch-sd-to-nsp-dumper.514816/ for a more automated and easier way to do this
This guide assumes you have previous experience with hactool and messing with your NAND.
You aren't supposed to blindly copy commands in this, so read before pasting!
Also, the Python sections require Python 2.7 and pycrypto.
Make sure your hactool is v1.2 or above.
Obtaining Your SD Seed


Run https://cdn.discordapp.com/attachments/432400335235973120/478053328857726976/Compelled-Disclosure.nro (source at https://github.com/shadowninja108/Compelled-Disclosure, thx Shadów#6239)


## hactool_key_verify.py
'''
hactool key verifier v0.2 by Khangaroo
a very badly made script to verify your hactool keys

Hash sources:
https://gist.github.com/roblabla/d8358ab058bbe3b00614740dcba4f208
My own console
https://github.com/SocraticBliss/hactool/blob/4169184c88a10cde0db8eaa83d38bd32a7f35751/KEYS.md
Some places that I can't link
'''

## hosts
127.0.0.1 api.ak.facebook.com
127.0.0.1 api.connect.facebook.com
127.0.0.1 api.facebook.com
127.0.0.1 app.facebook.com
127.0.0.1 apps.facebook.com
127.0.0.1 ar-ar.facebook.com
127.0.0.1 badge.facebook.com
127.0.0.1 blog.facebook.com
127.0.0.1 connect.facebook.com
127.0.0.1 connect.facebook.net

## gist:bca41e3e8a6edcc8ce3aac0f804956b8

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                goofwear
                / gist:bca41e3e8a6edcc8ce3aac0f804956b8
            
            
              Created
              January 12, 2020 00:54
                — forked from Pusungwi/gist:7212599
            
              
                A List of Javascript Emulator
              
          
    A List Of Javascript Emulator

This is my personal list of Javascript Emulator
Apple II


[Apple II+] (http://porkrind.org/a2/)
[Apple II js] (http://www.scullinsteel.com/apple2/)


## 20200114-TLP-WHITE_CVE-2020-0601.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                goofwear
                / 20200114-TLP-WHITE_CVE-2020-0601.md
            
            
              Created
              January 19, 2020 03:29
                — forked from SwitHak/20200114-TLP-WHITE_CVE-2020-0601.md
            
              
                BlueTeam CheatSheet * CVE-2020-0601 * crypt32.dll | Last updated: 2020-01-17 2220 UTC
              
          
    CVE-2020-0601 AKA ChainOfFools OR CurveBall

General


Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference,  followed by a blog post and an official security advisory.
The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.

Vulnerability explanation


NSA description:
NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.


## ChromeAppDownloader.py
# -*- coding: utf-8 -*-

"""
Python Script to download the Chrome Extensions (CRX) file directly from the google chrome web store.
Referred from http://chrome-extension-downloader.com/how-does-it-work.php
"""

from __future__ import division
import argparse
import requests

## switchEMMCUpgradeSteps.txt
Based on this: http://www.nathanbunn.com/NandUpgradeSteps/
using this: https://github.com/ihaveamac/ninfs
and using this: https://github.com/rajkosto/memloader

Using native MacOS tools + NinFS and memloader on the switch.

- Make Backup of 32G NAND
    Use Hekate
- Install 256G NAND
- Restore boot0/1 backups with hekate

## README.md

      
              3 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                goofwear
                / README.md
            
            
              Created
              January 30, 2020 19:23
                — forked from nikcub/README.md
            
              
                Facebook PHP Source Code from August 2007
              
          
    In August 2007 a hacker found a way to expose the PHP source code on facebook.com. He retrieved two files and then emailed them to me, and I wrote about the issue:
http://techcrunch.com/2007/08/11/facebook-source-code-leaked/
It became a big deal:
http://www.techmeme.com/070812/p1#a070812p1
The two files are index.php (the homepage) and search.php (the search page)

  
## gist:ee6a5efaffc2f0980e95e8a9aee0a8ef
#!/usr/bin/perl


use Mysql;
use strict;
use vars qw($school_name);
use vars qw($pass);

require "./cgi-lib.pl";

## tx_unpack.py
from Crypto.Cipher import AES
from Crypto.Util import Counter
import struct

"""
typedef struct boot_dat_hdr
{
	unsigned char ident[0x10];
	unsigned char sha2_s2[0x20];
	unsigned int s2_dst;
	'''
	hactool key verifier v0.2 by Khangaroo
	a very badly made script to verify your hactool keys

	Hash sources:
	https://gist.github.com/roblabla/d8358ab058bbe3b00614740dcba4f208
	My own console
	https://github.com/SocraticBliss/hactool/blob/4169184c88a10cde0db8eaa83d38bd32a7f35751/KEYS.md
	Some places that I can't link
	'''
	127.0.0.1 api.ak.facebook.com
	127.0.0.1 api.connect.facebook.com
	127.0.0.1 api.facebook.com
	127.0.0.1 app.facebook.com
	127.0.0.1 apps.facebook.com
	127.0.0.1 ar-ar.facebook.com
	127.0.0.1 badge.facebook.com
	127.0.0.1 blog.facebook.com
	127.0.0.1 connect.facebook.com
	127.0.0.1 connect.facebook.net
	# -- coding: utf-8 --

	"""
	Python Script to download the Chrome Extensions (CRX) file directly from the google chrome web store.
	Referred from http://chrome-extension-downloader.com/how-does-it-work.php
	"""

	from __future__ import division
	import argparse
	import requests
	Based on this: http://www.nathanbunn.com/NandUpgradeSteps/
	using this: https://github.com/ihaveamac/ninfs
	and using this: https://github.com/rajkosto/memloader

	Using native MacOS tools + NinFS and memloader on the switch.

	- Make Backup of 32G NAND
	Use Hekate
	- Install 256G NAND
	- Restore boot0/1 backups with hekate
	#!/usr/bin/perl



	use Mysql;
	use strict;
	use vars qw($school_name);
	use vars qw($pass);

	require "./cgi-lib.pl";
	from Crypto.Cipher import AES
	from Crypto.Util import Counter
	import struct

	"""
	typedef struct boot_dat_hdr
	{
	unsigned char ident[0x10];
	unsigned char sha2_s2[0x20];
	unsigned int s2_dst;